ILMA Compoundings June 2019 - 32

BUSINESS HUB

What Do Your Employees Need
to Know About Cybersecurity?
By Bryce Austin

I

f you are not educating your
employees on cybersecurity best
practices, you are missing the biggest opportunity for improvement in
your entire cybersecurity profile. Your
employees have business-need access
to a lot of important data, and their
ability to protect that data - or to
inadvertently let it walk out the door
of your organization - is strong.
Lack of education was at the heart
of a number of incidents in a major
security breach. You have probably
heard about the new HR employee
who got an email from the president
of the organization asking for all the
W2 information on every employee,
so that person sent the information
exactly as instructed. The employee
did not recognize the fact that the
email came from a hacker impersonating the CEO, and a major security
breach took place.
Entire business models are based on
this kind of fraud. Let's pretend that I
am going to build a site with the world's
best collection of cute pet pictures. I'll
give you the first 10 free (and those
10 are the most adorable pictures you
have ever seen), but to see more, you
need to set up a username and password. The access is still free, though.
No big deal, right? Wrong. In this
scenario, I own this website and I am a
criminal, and my business model is to
try to use the username and password
you just entered at every major banking
website, on all major email providers,
on your company's virtual private
network (VPN) portal, and anywhere
else that I think you might have used
the same username and password. I will
then extract any valuable information
I can from those sites, sell the information for a profit, possibly demand
ransom from you for your own data

32

JUNE 2019

| COMPOUNDINGS | ILMA.ORG

to make even more money, and then
move on to the next victim.
Need some numbers to illustrate
why educating your employees about
cybersecurity practices is important?
* Per IDG's 2016 Global State of
Information Security Survey,
48% of data security breaches are
caused by acts of malicious intent.
Human error or system failure
account for the rest.
* According to the Ponemon
Institute, 60% of employees use
the same password for everything
they access. Meanwhile, 63% of
confirmed data breaches leverage a
weak, default or stolen password.
So, where can your company start?
Start with a training program. Your
employees need to be educated on
cybersecurity best practices. One of the
issues that any cybersecurity awareness
training program should address:
Implement real password policies.
There's no easy way to say this, so I'm
just going to say it: Passwords stink. They
are no fun to create, no fun to remember
and no fun to type. That being said,
passwords are still the most common
authentication method today. It is
imperative to implement a password
policy requiring complex passwords
that can't easily be guessed, and enduser training must go along with it.
Microsoft's Active Directory "require
complex passwords" setting is a start, but
end-user training is also mandatory.
Many people use the same passwords
for every online system that requires
a password. This is a problem. If one
site gets hacked, cybercriminals will
try your credentials at all common
websites and possibly at your business's
VPN. It is imperative that your

cybersecurity awareness training program encourages your team members
to use different passwords for different
sites, and especially for any system that
your company uses.
Most companies have some sort of
safety guidelines that their employees must follow or be aware of, and
cybersecurity should be no different.
There are a number of companies that
specialize in this type of training, but
not all of them would be a good fit
for your company culture. Picking the
right type of training is critical; having a
good cultural fit is more important than
the actual content. Be sure to do proper
due diligence to ensure that the training
content offered by the company or
companies you are considering is a good
fit for the culture of your company.
The important message here is that
you already know you must train
your employees on certain things in
order to have them perform their job
functions. Cybersecurity is one of
those things. If you are uncertain as
to how to structure a cybersecurity
training program, find an advisor who
can help you.
Here are a few questions to help
explore this topic further with your
company's leaders: When was the last
time you were trained on cybersecurity? What did you take away from
it? Do your team members who have
access to sensitive data get additional
training that goes above and beyond
the training for those who do not?
Austin is the CEO of TCE
Strategy, an internationally
recognized speaker on
emerging technology and
cybersecurity issues, and author of Secure
Enough? 20 Questions on Cybersecurity for
Business Owners and Executives.


http://www.ILMA.ORG

ILMA Compoundings June 2019

Table of Contents for the Digital Edition of ILMA Compoundings June 2019

ILMA Compoundings June 2019 - Cover1
ILMA Compoundings June 2019 - Cover2
ILMA Compoundings June 2019 - 1
ILMA Compoundings June 2019 - 2
ILMA Compoundings June 2019 - 3
ILMA Compoundings June 2019 - 4
ILMA Compoundings June 2019 - 5
ILMA Compoundings June 2019 - 6
ILMA Compoundings June 2019 - 7
ILMA Compoundings June 2019 - 8
ILMA Compoundings June 2019 - 9
ILMA Compoundings June 2019 - 10
ILMA Compoundings June 2019 - 11
ILMA Compoundings June 2019 - 12
ILMA Compoundings June 2019 - 13
ILMA Compoundings June 2019 - 14
ILMA Compoundings June 2019 - 15
ILMA Compoundings June 2019 - 16
ILMA Compoundings June 2019 - 17
ILMA Compoundings June 2019 - 18
ILMA Compoundings June 2019 - 19
ILMA Compoundings June 2019 - 20
ILMA Compoundings June 2019 - 21
ILMA Compoundings June 2019 - 22
ILMA Compoundings June 2019 - 23
ILMA Compoundings June 2019 - 24
ILMA Compoundings June 2019 - 25
ILMA Compoundings June 2019 - 26
ILMA Compoundings June 2019 - 27
ILMA Compoundings June 2019 - 28
ILMA Compoundings June 2019 - 29
ILMA Compoundings June 2019 - 30
ILMA Compoundings June 2019 - 31
ILMA Compoundings June 2019 - 32
ILMA Compoundings June 2019 - 33
ILMA Compoundings June 2019 - 34
ILMA Compoundings June 2019 - 35
ILMA Compoundings June 2019 - 36
ILMA Compoundings June 2019 - 37
ILMA Compoundings June 2019 - 38
ILMA Compoundings June 2019 - 39
ILMA Compoundings June 2019 - 40
ILMA Compoundings June 2019 - Cover3
ILMA Compoundings June 2019 - Cover4
https://www.nxtbook.com/ygsreprints/ILMA/G127535ILMA_vol71_no7
https://www.nxtbook.com/ygsreprints/ILMA/G126213ILMA_vol71_no6
https://www.nxtbook.com/ygsreprints/ILMA/G125546_ILMA_vol71_no5
https://www.nxtbook.com/ygsreprints/ILMA/G124996_ILMA_vol71_no4
https://www.nxtbook.com/ygsreprints/ILMA/G123886_ILMA_vol71_no3
https://www.nxtbook.com/ygsreprints/ILMA/G123315_ILMA_vol71_no2
https://www.nxtbook.com/ygsreprints/ILMA/G122980_ILMA_vol71_no1
https://www.nxtbook.com/ygsreprints/ILMA/G121540_ILMA_vol70_no11
https://www.nxtbook.com/ygsreprints/ILMA/G120882_ILMA_vol70_no10
https://www.nxtbook.com/ygsreprints/ILMA/G120035_ILMA_vol70_no9
https://www.nxtbook.com/ygsreprints/ILMA/G121XXX_ILMA_vol70_no8
https://www.nxtbook.com/ygsreprints/ILMA/G120XXX_ILMA_vol70_no7
https://www.nxtbook.com/ygsreprints/ILMA/G119XXX_ILMA_vol70_no6
https://www.nxtbook.com/ygsreprints/ILMA/G118112_ILMA_vol70_no5
https://www.nxtbook.com/ygsreprints/ILMA/G117382_ILMA_vol70_no4
https://www.nxtbook.com/ygsreprints/ILMA/G116888_ILMA_vol70_no3
https://www.nxtbook.com/ygsreprints/ILMA/G115555_ILMA_vol70_no2
https://www.nxtbook.com/ygsreprints/ILMA/G114774_ILMA_vol70_no1
https://www.nxtbook.com/ygsreprints/ILMA/g110500_ILMA_vol69_no12
https://www.nxtbook.com/ygsreprints/ILMA/g110500_ILMA_vol69_no11
https://www.nxtbook.com/ygsreprints/ILMA/g110500_ILMA_vol69_no10
https://www.nxtbook.com/ygsreprints/ILMA/g109884_ILMA_vol69_no9
https://www.nxtbook.com/ygsreprints/ILMA/g109284_ILMA_vol69_no8
https://www.nxtbook.com/ygsreprints/ILMA/g108494_ILMA_vol69_no7
https://www.nxtbook.com/ygsreprints/ILMA/g107507_ILMA_vol69_no6
https://www.nxtbook.com/ygsreprints/ILMA/g106483_ILMA_vol69_no5
https://www.nxtbook.com/ygsreprints/ILMA/g105803_ILMA_vol69_no4
https://www.nxtbook.com/ygsreprints/ILMA/g104743_ILMA_vol69_no3
https://www.nxtbook.com/ygsreprints/ILMA/g103647_ILMA_vol69_no2
https://www.nxtbook.com/ygsreprints/ILMA/g102869_ILMA_vol69_no1
https://www.nxtbook.com/ygsreprints/ILMA/g101930_ILMA_vol68_no12
https://www.nxtbook.com/ygsreprints/ILMA/g100836_ILMA_vol68_no11
https://www.nxtbook.com/ygsreprints/ILMA/g99200_ILMA_vol68_no10
https://www.nxtbook.com/ygsreprints/ILMA/g98468_ILMA_vol68_no9
https://www.nxtbook.com/ygsreprints/ILMA/g97711_ILMA_vol68_no8
https://www.nxtbook.com/ygsreprints/ILMA/G96767ILMA_vol68_no7
https://www.nxtbook.com/ygsreprints/ILMA/G95397ILMA_vol65_no6
https://www.nxtbook.com/ygsreprints/ILMA/G94323ILMA_vol68_no5
https://www.nxtbook.com/ygsreprints/ILMA/G93127_ILMA_vol69_no4
https://www.nxtbook.com/ygsreprints/ILMA/G91785_ILMA_vol68_no3
https://www.nxtbook.com/ygsreprints/ILMA/G90956_ILMA_vol68_no2
https://www.nxtbook.com/ygsreprints/ILMA/G89146_ILMA_vol68_no1
https://www.nxtbook.com/ygsreprints/ILMA/G87981_ILMA_vol67_no12
https://www.nxtbook.com/ygsreprints/ILMA/G85409_ILMA_vol67_no11
https://www.nxtbook.com/ygsreprints/ILMA/G83595_ILMA_vol67_no10
https://www.nxtbook.com/ygsreprints/ILMA/G81672_ILMA_vol67_no9
https://www.nxtbook.com/ygsreprints/ILMA/G80238_ILMA_vol7_no8
https://www.nxtbook.com/ygsreprints/ILMA/G79388_ILMA_vol7_no7
https://www.nxtbook.com/ygsreprints/ILMA/G78361_ILMA_vol7_no6
https://www.nxtbook.com/ygsreprints/ILMA/G77448_ILMA_vol7_no5
https://www.nxtbook.com/ygsreprints/ILMA/G75899_ILMA_vol67_no4
https://www.nxtbook.com/ygsreprints/ILMA/G75036_ILMA_vol67_no3
https://www.nxtbook.com/ygsreprints/ILMA/G72720_ILMA_vol67_no2
https://www.nxtbook.com/ygsreprints/ILMA/G72220_ILMA_vol67_no1
https://www.nxtbook.com/ygsreprints/ILMA/G70970_ILMA_vol66_no12
https://www.nxtbook.com/ygsreprints/ILMA/G69813_ILMA_vol66_no11
https://www.nxtbook.com/ygsreprints/ILMA/G67522_ILMA_vol66_no10
https://www.nxtbook.com/ygsreprints/ILMA/G66343_ILMA_vol66_no9
https://www.nxtbook.com/ygsreprints/ILMA/G64859_ILMA_vol66_no8
https://www.nxtbookmedia.com